[ovs-discuss] Why the flow entry with dl_vlan doesn't work in fake bridge when the VMs are in the same host?
Kris zhang
zhang.kris at gmail.com
Tue Mar 5 12:21:15 UTC 2013
Hi guys,
First I create a bridge br0, and then i create a fake bridge (tag=100) on
br0, next i create two VMs and connect to the fake bridge br100. last i add
a flow entry into the br0:
ovs-ofctl
add-flow priority=1000,tcp,dl_vlan=100,nw_dst=20.1.64.5,tp_dst=23,action=drop
The purpose of this flow entry that don't allow one VM telnet another VM.
But this flow doesn't work, so please help me!
I draw a picture to explain it, please see the below.
[image: Inline image 2]
But if the VM are not on the same host, then this flow works. i don't know
why?
[image: Inline image 3]
Any advice is welcome!
Thanks in advanced,
Kris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20130305/e9ab1c18/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 41502 bytes
Desc: not available
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20130305/e9ab1c18/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 58623 bytes
Desc: not available
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20130305/e9ab1c18/attachment-0005.png>
More information about the discuss
mailing list